[Bug 862096] New: icecast-2.3.2-CVE-2011-4612.diff causes access to free'd memory
https://bugzilla.novell.com/show_bug.cgi?id=862096 https://bugzilla.novell.com/show_bug.cgi?id=862096#c0 Summary: icecast-2.3.2-CVE-2011-4612.diff causes access to free'd memory Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: x86-64 OS/Version: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: wengxt@gmail.com QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0 first, icecast-2.3.2-CVE-2011-4612.diff is no longer required as it's fixed by upstream. second, this patch introduce access to free'd memory because path is changed to filtered_path and is free'd later but path is still being accessed. Thus, this patch should be removed. Reproducible: Always -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=862096 https://bugzilla.novell.com/show_bug.cgi?id=862096#c Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de, | |suse-beta@cboltz.de AssignedTo|bnc-team-screening@forge.pr |tiwai@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=862096 https://bugzilla.novell.com/show_bug.cgi?id=862096#c1 --- Comment #1 from Takashi Iwai <tiwai@suse.com> 2014-02-11 10:44:17 UTC --- Thanks for reporting. The fix was submitted to FACTORY (SR#221821) and 13.1:Update (SR#221822). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=862096 https://bugzilla.novell.com/show_bug.cgi?id=862096#c2 --- Comment #2 from Bernhard Wiedemann <bwiedemann@suse.com> 2014-02-11 12:00:23 CET --- This is an autogenerated message for OBS integration: This bug (862096) was mentioned in https://build.opensuse.org/request/show/221821 Factory / icecast https://build.opensuse.org/request/show/221822 13.1 / icecast -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=862096 https://bugzilla.novell.com/show_bug.cgi?id=862096#c3 Benjamin Brunner <bbrunner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #3 from Benjamin Brunner <bbrunner@suse.com> 2014-02-19 16:55:57 CET --- Update released for openSUSE 13.1. Resolved fixed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=862096 https://bugzilla.novell.com/show_bug.cgi?id=862096#c4 --- Comment #4 from Swamp Workflow Management <swamp@suse.de> 2014-02-19 16:04:54 UTC --- openSUSE-RU-2014:0259-1: An update that has one recommended fix can now be installed. Category: recommended (moderate) Bug References: 862096 CVE References: Sources used: openSUSE 13.1 (src): icecast-2.3.3-2.8.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com